<?php
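/**
 * Username/password logon and session tracking backed by the UserSessions
 * table and a configurable user table.
 *
 * The Database object is injected through setDatabase(); this class only
 * relies on its Recopy(), ExecuteSql() and getRow() methods.
 *
 * Security notes:
 * - Caller-supplied values never reach SQL text unquoted; see quoteSqlString().
 *   That helper is an interim defence. If the Database wrapper offers bound
 *   parameters, switch every query here to them.
 * - The user table name is concatenated into SQL as an identifier, so
 *   setUserTable() must only ever receive a trusted, hard-coded value.
 * - NOTE(review): earlier revisions carried commented-out Database
 *   constructor calls with literal credentials. They were dropped; treat any
 *   credentials committed that way as exposed and rotate them.
 */
class CMRAuthenticator
{
	private $user = "";
	private $SessionID = "";
	private $UserID = "";
	private $Database;
	private $UserTable;
	private $logonTime = 3600; // session lifetime in seconds (1 hour)

	/**
	 * Injects the database wrapper used for every query.
	 *
	 * @param object $database wrapper exposing Recopy(), ExecuteSql(), getRow()
	 */
	public function setDatabase($database)
	{
		$this->Database = $database;
	}

	/**
	 * Sets the name of the table holding UserID / LongName / ShortName / Password.
	 *
	 * @param string $userTable trusted table name; it is not escaped
	 */
	public function setUserTable($userTable)
	{
		$this->UserTable = $userTable;
	}

	/**
	 * @return array map of UserID => LongName for every row in the user table
	 */
	public function getLongUsers()
	{
		return $this->listUsers('LongName');
	}

	/**
	 * @return array map of UserID => ShortName for every row in the user table
	 */
	public function getShortUsers()
	{
		return $this->listUsers('ShortName');
	}

	/**
	 * @return string user name recorded by the last successful logon/session check
	 */
	public function getUser()
	{
		return $this->user;
	}

	/**
	 * @return mixed session id read back from UserSessions by tryLogOn()
	 */
	public function getSessionID()
	{
		return $this->SessionID;
	}

	/**
	 * @return mixed user id recorded by the last successful logon/session check
	 */
	public function getUserID()
	{
		return $this->UserID;
	}

	/**
	 * Checks that an unexpired session exists for the given id and user name
	 * and, if so, slides its expiry forward by the logon time.
	 *
	 * Both arguments are treated as untrusted input.
	 *
	 * @param string|int $SessionID session id presented by the client
	 * @param string     $User      user name presented by the client
	 * @return bool true when the session is valid (state is then populated)
	 */
	public function isLoggedOn($SessionID, $User)
	{
		$sessionLiteral = $this->quoteSqlString($SessionID);
		$userLiteral = $this->quoteSqlString($User);
		if ($sessionLiteral === null || $userLiteral === null)
		{
			// Input that cannot be quoted safely is never sent to the database.
			return false;
		}

		$sessionDatabase = $this->Database->Recopy();
		$sessionDatabase->ExecuteSql(
			"SELECT Expires FROM UserSessions WHERE SessionID = $sessionLiteral AND Username = $userLiteral"
		);
		$session = $sessionDatabase->getRow();
		if (!$session || strtotime($session['Expires']) <= time())
		{
			return false;
		}

		// time()/date() replace the no-argument mktime() and strftime(), which
		// newer PHP versions reject or deprecate; the timestamp text is the same.
		$Expires = date("YmdHis", time() + $this->logonTime);
		$aDatabase = $this->Database->Recopy();
		$aDatabase->ExecuteSql(
			"UPDATE UserSessions SET Expires = '$Expires' WHERE SessionID = $sessionLiteral AND Username = $userLiteral"
		);
		$this->user = $User;

		// Resolve the user id in PHP with a strict comparison, so numeric-looking
		// names such as "1e3" and "1000" are not treated as equal.
		$aDatabase->ExecuteSql("SELECT UserID, LongName FROM ".$this->UserTable);
		$userid = 0;
		while ($row = $aDatabase->getRow())
		{
			if ((string) $row['LongName'] === (string) $User)
			{
				$userid = $row['UserID'];
			}
		}
		$this->UserID = $userid;

		return true;
	}

	/**
	 * Sends the logon page to the client.
	 *
	 * The file is read and echoed verbatim, so any PHP inside it is output as
	 * text rather than executed. The path is relative to the working directory.
	 */
	public function displayLogOn()
	{
		echo file_get_contents("Pages/PageLogon.php");
	}

	/**
	 * Creates a session for the user when the credentials are valid.
	 *
	 * NOTE(review): the session id is whatever the database assigns on INSERT.
	 * If that is a sequential key it is guessable; a random token (for example
	 * from random_bytes()) in its own column would be the fix, but that needs
	 * a schema change and is not done here.
	 *
	 * @param mixed  $Group    unused; kept for interface compatibility
	 * @param string $Username user name (matched against LongName)
	 * @param string $Password password as supplied by the client
	 * @return bool true on success, false on any failure
	 */
	public function tryLogOn($Group, $Username, $Password)
	{
		$userID = $this->isValidLogon($Username, $Password);
		if ($userID == 0)
		{
			return false;
		}

		$userLiteral = $this->quoteSqlString($Username);
		if ($userLiteral === null)
		{
			return false;
		}

		$Expires = date("YmdHis", time() + $this->logonTime);
		$this->user = $Username;
		$this->UserID = $userID;

		$outreachDatabase = $this->Database->Recopy();
		$outreachDatabase->ExecuteSql(
			"INSERT INTO UserSessions (Expires, Username) Values('$Expires',$userLiteral)"
		);
		// The new row is found again by (Expires, Username); two logons by the
		// same user within one second may therefore read back the same row.
		$outreachDatabase->ExecuteSql(
			"SELECT SessionID FROM UserSessions WHERE Expires = '$Expires' AND Username = $userLiteral"
		);
		if ($row = $outreachDatabase->getRow())
		{
			$this->SessionID = $row['SessionID'];
		}

		return true;
	}

	/**
	 * Looks up the user id for a user name / password pair.
	 *
	 * @param string $Username
	 * @param string $Password
	 * @return mixed the matching UserID, or 0 when nothing matches
	 */
	private function isValidLogon($Username, $Password)
	{
		// Arrays or other non-string request values can never be valid credentials.
		if (!is_string($Username) || !is_string($Password))
		{
			return 0;
		}

		$aDatabase = $this->Database->Recopy();
		$aDatabase->ExecuteSql("SELECT UserID, LongName, Password FROM ".$this->UserTable);
		while ($row = $aDatabase->getRow())
		{
			if ((string) $row['LongName'] !== $Username)
			{
				continue;
			}
			if ($this->passwordMatches($row['Password'], $Password))
			{
				return $row['UserID'];
			}
		}
		return 0;
	}

	/**
	 * Compares a stored password value with the supplied one.
	 *
	 * Values produced by password_hash() are checked with password_verify().
	 * Anything else is compared byte-for-byte in constant time, which keeps
	 * existing rows working while removing the loose "==" comparison (under
	 * which "0e123" equals "0e456"). A NULL or empty stored value never matches.
	 *
	 * NOTE(review): rows that only match through the fallback hold passwords
	 * in directly comparable form; migrate them to password_hash().
	 *
	 * @param mixed  $stored   value of the Password column
	 * @param string $supplied password supplied by the client
	 * @return bool
	 */
	private function passwordMatches($stored, $supplied)
	{
		if ($stored === null)
		{
			return false;
		}
		$stored = (string) $stored;
		if ($stored === '')
		{
			return false;
		}

		$info = password_get_info($stored);
		if (!empty($info['algo']))
		{
			return password_verify($supplied, $stored);
		}
		return hash_equals($stored, $supplied);
	}

	/**
	 * Reads UserID plus one name column from the user table.
	 *
	 * @param string $nameColumn column name; only called with fixed literals
	 * @return array map of UserID => value of $nameColumn
	 */
	private function listUsers($nameColumn)
	{
		$aDatabase = $this->Database->Recopy();
		$aDatabase->ExecuteSql("SELECT UserID, ".$nameColumn." FROM ".$this->UserTable);
		$Users = array();
		while ($row = $aDatabase->getRow())
		{
			$Users[$row['UserID']] = $row[$nameColumn];
		}
		return $Users;
	}

	/**
	 * Turns an untrusted value into a single-quoted SQL string literal.
	 *
	 * Single quotes are doubled, which every common SQL dialect understands.
	 * Values containing a backslash or NUL byte are rejected outright, because
	 * their treatment differs between dialects and server modes.
	 *
	 * @param mixed $value string or integer to embed
	 * @return string|null the quoted literal, or null when the value is rejected
	 */
	private function quoteSqlString($value)
	{
		if (!is_string($value) && !is_int($value))
		{
			return null;
		}
		$value = (string) $value;
		if (strpos($value, "\0") !== false || strpos($value, "\\") !== false)
		{
			return null;
		}
		return "'".str_replace("'", "''", $value)."'";
	}
}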

?>